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Detailed Action 

Claims 32-97 are pending in this Office Action. 
Claims 32, 33, 49, 50 and 79 have been amended. 

The 35 U.S.C. 1 12, second paragraph rejection is modified in view of applicants aniendments 
and arguments. 

Information Disclosure Statement 
The information disclosure statement filed 10/7/04 and again 6/7/06 has been considered. 

Response to Arguments 

Applicant's arguments filed in the amendment filed 5-14-07, have been fully considered 
but they are not persuasive. The reasons are set forth below. 

Applicant's invention as claimed: 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purpos.es of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 
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Claims 32-97 are rejected under 35 U.S.C. 102(e) as being anticipated by U.S. Patent 
No. 6,886,103 by Brustoloni et al. 

Regarding claim 32, a method for supporting establishment of a connection between a node of an 
inside address realm and a node of an outside address realm through an intermediate 
communication gateway having a limited number of available outside-realm gateway addresses 
for enabling outside-realm representation of inside-realm nodes (Brustoloni: col. 1, lines 25-51), 
said method comprising the steps of: 

identifying, based on predetermined cormection information, further connection 
information that in combination with said predetermined connection information defines an 
outside-realm gateway state representation that has no counterpart in a predetermined set of 
existing gateway connection states (Brustoloni: col, 1, lines 49-56 predetermined connection 
information is the translation table), wherein said predetermined connection information includes 
at least one of network address information and port information of at least one of said inside- 
realm node and said outside-realm node and said further cormection information includes an 
outside-realm gateway address (Brustoloni: coL 1, lines 49-51); and 

initiating establishment of said connection based on said outside-realm gateway state 
representation (Brustoloni: col. 1, lines 59-60). 

Regarding claim 33, the method according to claim 32, further comprising the step of 
maintaining a list representation of said predetermined set of existing gateway connection states 
(Brustoloni: col. 1, lines 49-56; translation table), and wherein said outside-realm gateway state 
representation is identified based on comparison with corresponding information of said gateway 
connection states represented in said list representation (Brustoloni: col. 7, lines 62-67). 

Regarding claim 34, the method according to claim 32, wherein said predetermined connection 
information, for an inside-realm initiated connection, includes at least one of outside node 
address information and outside node port information (Brustoloni: col. 1, lines 25-51), said 
outside-realm gateway state representation is an at least partially complete gateway state 
representation (Brustoloni: col. 1, lines 25-51; globally unique IP and GPN), and said 
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predetermined set of gateway connection states includes the existing gateway connection states 
in said gateway (Brustoloni: col. 1, lines 49-56; completed translation to private IP). 

Regarding claim 35, the method according to claim 34, wherein said further connection 
information also includes associated gateway port information (Brustoloni: col. 1, lines 49-56; 
GPN), said outside-realm representation is a complete outside-realm representation (globally 
unique), and said step of initiating establishment of said connection comprises the step of 
requesting that said gateway creates a gateway connection state based on said complete outside- 
realm representation (Brustoloni: col. 1, lines 25-51). 

Regarding claim 36, the method according to claim 34, wherein said outside-realm 
representation is a partially complete outside-realm representation, and said step of initiating 
establishment of said connection comprises the step of requesting that said gateway creates a 
partially complete gateway connection state based on said partially complete outside-realm 
representation (Brustoloni: col. 1, lines 25-51; incoming packets are addressed to the partially 
complete representation (the global address) and are translated to the private address). 

Regarding claim 37, the method according to claim 36, further comprising the step of selecting, 
if said identification is not possible, an outside-realm gateway address among the least utilized 
outside-realm gateway addresses to define said partially complete outside-realm representation to 
be used for initiating establishment of said connection (Brustoloni: col. 5, lines 28-50; free 
addresses). 

Regarding claim 38, the method according to claim 37, further comprising the step of verifying,, 
upon receipt of a packet from said inside node to said gateway, that said partially complete 
outside-realm representation in further combination with inside node port information associated 
with said packet, defines a complete outside-realm gateway state representation that has no 
counterpart in any existing gateway connection state (Brustoloni: globally unique; col. 5, lines 
40-50). 
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Regarding claim 39, the method according to claim 38, further comprising the step of 
transforming a partially complete gateway cormection state created in said gateway based on said 
partially complete outside-realm representation into a complete gateway connection state based 
on said complete outside-realm representation, thereby completely establishing said connection 
(Brustoloni: globally unique; col. 5, lines 40-50). 

Regarding claim 40, the method according to claim 32, wherein said predetermined connection 
information, for an outside-realm initiated connection, includes at least one of outside node 
address information and inside node port information, said outside-realm gateway state 
representation is a partially complete gateway state representation and said predetermined set of 
gateway connection states includes the existing partially complete gateway cormection states in 
said gateway (Brustoloni: col. 1, lines 25-51). 

Regarding claim 41, the method according to claim 40, wherein said step of identifying further 
connection information including an outside-realm gateway address comprises the step of 
traversing outside-realm gateway addresses of the gateway until finding an outside-realm 
gateway address, which in combination with said predetermined connection information has no 
counterpart in any existing partially complete gateway connection state (Brustoloni: col. 8, lines 
49-57). 

Regarding claim 42, the method according to claim 40, wherein said step of identifying further 
cormection information including an outside-realm gateway address comprises the step of 
verifying that a pre-al located outside-realm gateway address in combination with said 
predetermined connection information has no counterpart in any existing partially complete 
gateway connection state (Brustoloni: col. 5, lines 27-50; globally unique; elm 5). 

Regarding claim 43, the method according to claim 40, wherein said step of initiating 
establishment of said connection comprises the step of requesting that said gateway establishes a 
partially complete gateway connection state based on said partially complete outside-realm 
representation (Brustoloni: col. 5, lines 27-50). 
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Regarding claim 44, the method according to claim 43, further comprising the step of 
transforming, upon receipt of a packet from said outside node to said gateway, said partially 
complete gateway connection state that has been created in said gateway into a complete 
gateway connection state based on complementary connection information associated with said 
packet (Brustoloni: col. 5, lines 27-50). 

Regarding claim 45, the method according to claim 44, wherein said predetermined connection 
information is predetermined outside node address information, and said complementary 
connection information includes inside node port information and outside node port information 
(Brustoloni: col. 5, lines 27-50). 

Regarding claim 46, the method according to claim 44, wherein said predetermined connection 
information is predetermined inside node port information, and said complementary connection 
information includes outside node address information and outside node port information 
(Brustoloni: col. 5, lines 27-50; Fig. 6). 

Regarding claim 47, the method according to claim 40, further comprising the steps of: 

selecting, if said identification is not possible based on predetermined inside node port 

information, another gateway port (Brustoloni: col. 5, lines 27-50; allocate an available address 

with IP and GPN); and 

identifying further connection information including an outside-realm gateway address 

based on said selected gateway port to define a unique, partially complete outside-realm 

representation of a gateway connection state (Brustoloni: col. 5, lines 27-50). 

Regarding claim 48, the method according to claim 40, wherein said predetermined connection 
information originates from a user-resource identifier query initiated from said outside node 
(Brustoloni: col. 1, lines 45-66). 
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Regarding claim 86, the method according to claim 32, wherein said connection establishment is 
based on said outside-realm gateway state representation and a corresponding inside-realm 
gateway state representation (Brustoloni: col. 1, lines 25-56). 

Regarding claim 87, the method according to claim 32, further comprising the steps of: 

preparing, at said outside node, a user-resource identifier query that includes an inside 
node identifier as well as said predetermined connection information including at least one of 
outside node address information and inside node port information (Brustoloni: col. 1, lines 45- 
66); 

determining inside-realm network address information based on said inside node 
identifier included in said identifier query (Brustoloni: col. 1, lines 45-66; translation table); 

identifying, based on said predetermined connection information included in said 
identifier query, said outside-realm gateway address to be used in establishing a dynamic 
gateway connection state for a flow between said outside node and said inside node through said 
gateway (Brustoloni: col. 1, lines 25-5); and 

establishing said dynamic gateway connection state based on said identified outside- 
realm gateway address, said predetermined connection information included in said identifier 
query and said inside-realm network address information, thereby enabling an outside-realm 
initiated connection (Brustoloni: col. 3, lines 31-62). 

Regarding claim 88, the method according to claim 87, wherein said step of establishing said 
dynamic gateway connection state comprises the steps of: 

creating a partially complete gateway connection state based on said identified outside- 
realm gateway address, said predetermined cormection information included in said identifier 
query and said inside-realm network address information (Brustoloni: col. 1, lines 45-66); and 

upon receipt of a packet from said outside node to said gateway, transforming said 
partially complete gateway state into a complete gateway connection state based on 
complementary connection information associated with said packet (Brustoloni: col. 5, lines 30- 
50). 
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Regarding claim 89, the method according to claim 87, wherein said step of identifying an 
outside-realm gateway address comprises the step of identifying an outside-realm gateway 
address (Brustoloni: col, 1, lines 25-50; global address), which in combination with said 
predetermined information included in said identifier-query defines a partially complete outside- 
realm gateway state representation that has no counterpart in any existing partially complete 
gateway connection state (Brustoloni: col. 1, lines 25-50; globally unique). 

Regarding claim 90, the method according to claim 89, further comprising the step of 
maintaining a separate list representation of existing partially complete gateway connection 
states (Brustoloni: col. 1, lines 49-56; translation table; Fig. 6), and wherein said partially 
complete outside-realm representation is identified based on comparison with corresponding 
information of all existing partially complete gateway connection states represented in said list 
representation (Brustoloni: col. 1, lines 25-50; lookup and match). 

Regarding claim 91, the method according to claim 90, wherein said step of identifying an 
outside-realm gateway address comprises the step of traversing outside-realm gateway addresses 
associated with said gateway until finding an outside-realm gateway address, which in 
combination with said predetermined connection information included in said identifier query 
has no counterpart in any existing partially complete gateway connection state represented in 
.said list representation (Brustoloni: col. 8, lines 49-57). 

Regarding claim 92, the method according to claim 90, wherein said step of identifying an 
outside-realm gateway address comprises the step of verifying that a pre-allocated outside-realm 
gateway address in combination with said predetermined connection information included in said 
identifier query has no counterpart in any existing partially complete gateway connection state 
represented in said list representation (Brustoloni: globally unique; col. 5, lines 40-50). 

Regarding claim 93, the method according to claim 88, wherein said predetermined connection 
information included in said identifier query is an outside network address of said outside node, 
and said complementary connection information for completing the gateway cormection state 
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includes a port number of said inside node and a port number of said outside node (Brustoloni: 
col. 1, lines 25-56; Fig. 6). 

Regarding claim 94, the method according to claim 88, wherein said predetermined connection 
information included in said identifier query is an inside node port number, and said 
complementary connection information for completing the gateway connection state includes an 
outside network address of said outside node and a port number of said outside node (Brustoloni: 
Fig. 6). 

Regarding claim 95, the method according to claim 87, further comprising the step of notifying 
said outside node of said identified outside-realm gateway address (Brustoloni: col. 5, lines 40t 
44). 

Regarding claim 96, the method according to claim 87, wherein said user-resource identifier 
query is a Domain Name Server (DNS) query (DNS is an Application Level Gateway as defined 
by applicants IDS- Network Working Group; col. 1, lines 60-66). 

Regarding claim 97, the method according to claim 87, wherein said inside address realm is a 
private address realm and said outside address realm is a public address realm (Brustoloni: col. 1, 
lines 25-56). 

Regarding claim 76, the system according to claim 67, wherein said means for identifying an 
outside-realm gateway address, among the outside-realm gateway addresses associated with said 
gateway, includes a gateway resource manager (Brustoloni: col. 5, lines 25-50; Fig. 1; brustoloni 
teaches allocating and deallocating network resources). 



Regarding claim 79, a gateway resource manager for a communication gateway that has a 
limited number of available outside-realm gateway addresses for enabling outside-realm 
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representation of inside-realm nodes (Brustoloni: col. 5, lines 25-50), said gateway resource 
manager comprising: 

- means for receiving predetermined connection information (Brustoloni: col. 1, lines 25- 

66); 

- means for identifying, based on said predetermined connection information, further 
connection information that in combination with said predetermined connection information 
defines an outside-realm gateway state representation that has no counterpart in a predetermined 
set of existing gateway connection states (Brustoloni: col. 1, lines 25-56 predetermined 
connection information is the translation table; globally unique), wherein said predetermined 
connection information includes at least one of network address information and port 
information of at least one of said inside- realm node and said outside-realm node and said 
further connection information includes an outside-realm gateway address (Brustoloni: col. 1, 
lines 25-66); and 

means for initiating establishment of a connection based on said outside-realm gateway 
state representation (Brustoloni: col. 1, lines 59-60). 

Regarding claim 80, the gateway resource manager according to claim 79, wherein said 
receiving means is operable for receiving inside-realm network address information 
corresponding to an inside node, and predetermined connection information including at least 
one of address information of an outside node and inside node port information (Brustoloni: col. 
1, lines 46-66); 

said outside-realm gateway address is to be used in establishing a dynamic gateway 
connection state for a flow between said outside node and said inside node through said gateway 
(Brustoloni: col. 5, lines 25-50); 

said means for initiating establishment of a connection comprises means for requesting 
said gateway to establish said dynamic gateway connection state based on said identified 
outside-realm gateway address, said predetermined connection information and said inside-realm 
network address information (Brustoloni: col. 1, lines 25-66). 
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Regarding claim 8 1 , the gateway resource manager according to claim '80, wherein said 
predetermined connection information is an outside node address (Brustoloni: col. 1, lines 46- 
66), and said requesting means is operable for requesting allocation of said identified outside- 
realm gateway address to said inside node for traffic coming from said outside node address 
(Brustoloni: col. 5, lines 26-50). 

Regarding claim 82, the gateway resource manager according to claim 80, wherein said 
requesting means is operable for sending a request to said gateway for establishment of a 
partially complete gateway connection state based on said identified outside-realm gateway 
address, said predetermined connection information and said inside-realm network address 
information (Brustoloni: col. 5, lines 25-50). 

Regarding claim 83, the gateway resource manager according to claim 82, further comprising: 
means for receiving a reply from said gateway that said partially complete gateway 

connection state has been created (Brustoloni: Fig. 7; return allocated values); and 

means for notifying said outside node of said identified outside-realm gateway address in 

response to said reply fi-om said gateway (Brustoloni: Fig. 7), 

Regarding claim 84, the gateway resource manager according to claim 82, wherein said means 
for identifying an outside-realm gateway address is operable for identifying an outside-realm 
gateway address, which in combination with said predetermined information defines a partially 
complete outside-realm gateway state representation that has no counterpart in any existing 
partially complete gateway connection state (Brustoloni: col. 1, lines 44-66). 

Regarding claim 85, the gateway resource manager according to claim 84, further comprising 
means for maintaining a list representation of existing partially complete gateway connection 
states, and wherein said partially complete outside-realm representation is identified based on 
comparison with corresponding information of all existing partially complete gateway 
connection states represented in said list representation (Brustoloni: col. 1, lines 44-66). 
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Claims 49-78 are substantially similar to claims 32-48, 87-97 and are rejected under the 
same grounds. 

Remarks 

Applicant has made minor aniendments fixing 1 12, 2"^ paragraph rejections but argues 
the invention as a whole over the prior art of record. 
The Applicant Argues: 

Applicant argues the Brustoloni reference does not teach "the address information of the 
inside realm node nor the address information of the outside realm node." 

In response, the examiner respectfully submits: 
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The Brustoloni teaches the claimed limitations and the rejection is maintained. The applicant 
uses such broad and vague terms in the arguments and claim limitations that Brustoloni 
anticipates every claimed limitation. Applicant defines 'predetermined connection information' 
as network address information and/or port information of at least one of the inside-realm node * 
and outside-realm node. Brustoloni teaches both network address information and port 
information are stored in memory (col. 1, lines 45-66). The reference shows GPN (generalized 
port number), private, and global IP addresses associated with the perspective clients. This 
'predetermined connection information' in combination 'further connection information' taught 
as global address, port number, and foreign address uniquely identify the private address. 
Applicant's argued "more information or further information" that is more than NAT or 
Brustoloni is not clearly identified in the claim language. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in* this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin R Bruckart whose telephone number 571-272-3982. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone numbers for the 
organization where this application or proceeding is assigned are (571) 273-8300 for regular 
communications and after final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the examiner whose telephone number is 571-272-3982. 

Benjamin R Bruckart 

Examiner // 
Art Unit 2155 ^ // // / 




